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DETAILED ACTION 

1. Claims 1, 2, 4-15, 17-28 and 30-39 are pending. 

2. After Final Amendment filed 09/16/2005 has been received 
and considered. However, it has not been entered because the 
amendments made in the response are incorporated in the 
Examiner's Amendment below. 

EXAMINER'S AMENDMENT 

3. An examiner's amendment to the record appears below. Should 
the changes and/or additions be unacceptable to applicant, an 
amendment may be filed as provided by 37 CFR 1.312. To ensure 
consideration of such an amendment, it MUST be submitted no 
later than the payment of the issue fee. 

Authorization for this examiner's amendment was given in a 
telephone interview with Mari Stewart on 09/19/2006 .The 
application has been amended as follows: 
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Amendments to the Claims: 

This listing of claims' will replace all prior versions, and 
listings, of claims in the application: 

Listing of Claims : 

1. (Currently amended) A computer implemented method in a data 
processing system for automatically configuring IP security tunnels, 
said computer implemented method comprising the steps of: 

retrieving a remote computer system identifier; 

determining whether a local-remote pair corresponding to the 
identifier is found, wherein the local-remote pair is used in 
selecting a security policy, and wherein an error, is reported 
indicating that a user needs to configure a tunnel with the remote 
computer system if the local-remote pair is not found; [ [and] ] 

defining a configuration of an IP security tunnel between the 
data processing system and the remote computer system utilizing a 
security policy specification format, wherein said security policy 
specification format is established as a document type definition 
(DTD) file capable of being utilized by a plurality of different 
operating systems and a plurality of different machine types ; and 

including a plurality of different elements in said DTD file, 
each of said plurality of different elements being utilized to 
configure an IP security tunnel . 

2. (Previously presented) The method according to claim 1, wherein 
said DTD file defines a collection of elements, and further 
comprising : 

generating an XML file utilizing the collection of elements 
defined in said DTD file, wherein said XML file defines a 
configuration of a particular IP security tunnel, and wherein said XML 
file is processed to automatically configure said IP security tunnel 
defined by the XML file. 
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3. (Canceled) 

4. (Currently amended) The method according to claim 1 [[3]], 
further comprising the steps of: 

generating an XML file utilizing a plurality of said plurality of 
different elements included within said DTD file; and 

processing said XML file to automatically configure an IP 
security tunnel. 

5. (Original) The method according to claim 1, further comprising 
the step of including a root element in said security policy 
specification format. 

6. (Original) The method according to claim 1, further comprising 
the step of establishing a protection element in said security policy 
specification format, said protection element including a listing of 
IKE transforms. 

7. (Original) The method according to claim 1, further comprising 
the step of establishing a transform element in said security policy 
specification format. 

8. (Previously presented) The method according to claim 1, further 
comprising the step of establishing a group element in said security 
policy specification format, wherein said group element contains 
multiple identification elements. 

9. (Original) The method according to claim 1, further comprising 
the step of establishing an identification element in said security 
policy specification format. 
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10. (Original) The method according to claim 1, further comprising 
the step of establishing a tunnel element in said security policy 
specification format. 

11. (Original) The method according to claim 1, further comprising 
the step of establishing a root element, a protection element, a 
transform element, a group element, an identification element, a 
tunnel element, a local/remote identify element, an ID type element, 
an ID definition element, a pre-shared key element, an IPsec proposal 
element, an IPsec ESP protocol element, an IPsec authentication header 
element, and an IPsec protection element in said security policy 
specification format. 

12. (Original) The method according to claim 1, further comprising 
the step of automatically configuring an IP security tunnel utilizing 
said security policy specification format. 

13. (Original) The method according to claim 1, further comprising 
the step of comparing a first IP security tunnel to a second IP 
security tunnel utilizing a first security policy specification format 
that is associated with said first IP security tunnel and a second 
security policy specification format that is associated with a second 
IP security tunnel. 

14. (Currently amended) A computer program product comprising: 

a computer readable recordable m edium having computer usable 
program code for defining a configuration of IP security tunnels in a 
data processing system, comprising: 

computer usable program code for retrieving a remote computer 
system identifiers- 
computer usable program code for determining whether a local- 
remote pair corresponding to the identifier is found, wherein the 
local-remote pair is used in selecting a security policy, and wherein 



Application/Control Number: 09/935,395 
Art Unit: 2137 



Page 6 



an error is reported indicating that a user needs to configure a 
tunnel with the remote computer system if the local-remote pair is not 
found; 

computer usable program code for automatically configuring an IP 
security tunnel between the data processing system and the remote 
computer system utilizing a security policy specification format 
wherein said security policy specification format is established as a 
document type definition (DTD) file capable of being utilized by a 
plurality of different operating systems and a plurality of different 
machine types ; and 

computer usable program code for including a plurality of 
different elements in said DTD file, each of said plurality of 
different elements being utilized to configure an IP security tunnel , 

15. (Previously presented) The product according to claim 14, 
wherein said DTD file defines a collection of elements, and further 
comprising : 

generating an XML file utilizing the collection of elements 
defined in said DTD file, wherein said XML file defines a 
configuration of a particular IP security tunnel, and wherein said XML 
file is processed to automatically configure said IP security tunnel 
defined by the XML file. 

16. (Canceled) 

17. (Currently amended) The product according to claim L4 [[15]], 
further comprising: 

computer usable program code for generating an XML file utilizing 
a plurality of said plurality of different elements included within 
said DTD file; and 

computer usable program code for processing said XML file to 
automatically configure an IP security tunnel. 
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18. (Previously presented) The product according to claim 14, 
further comprising computer usable program code for including a root 
element in said security policy specification format. 

19. (Previously presented) The product according to claim 14, 
further comprising computer usable pro'gram code for establishing a 
protection element in said security policy specification format, said 
protection element including a listing of IKE transforms. 

20. (Previously presented) The product according to claim 14, 
further comprising computer usable program code for establishing a 
transform element in said security policy specification format. 

21. (Previously presented) The product according to claim 14, 
further comprising computer usable program code for establishing a 
group element in said security policy specification format, wherein 
said group element contains multiple identification elements. 

22. (Previously presented) The product according to claim 14, 
further comprising computer usable program code for establishing an 
identification element in said security policy specification format. 

23. (Previously presented) The product according to claim 14, 
further comprising computer usable program code for establishing a 
tunnel element in said security policy specification format, 

24. (Previously presented) The product according to claim 14, 
further comprising computer usable program code for establishing a 
root element, a protection element, a transform element, a group 
element, an identification element, a tunnel element, a local/remote 
identify element, an ID type element, an ID definition element, a pre- 
shared key element, an IPsec proposal element, an IPsec ESP protocol 
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element, an IPsec authentication header element, and an IPsec 
protection element in said security policy specification format. 

25. (Previously presented) The product according to claim 14, 
further comprising computer usable program code for automatically 
configuring an IP security tunnel utilizing said security policy 
specification format. 

26. (Previously presented) The product according to claim 14, 
further comprising computer usable program code for comparing a first 
IP security tunnel to a second IP security tunnel utilizing a first 
security policy specification format that is associated with said 
first IP security tunnel and a second security policy specification 
format that is associated with a second IP security tunnel. 

27. (Currently amended) A data processing system for automatically 
configuring IP security tunnels, . comprising : 

a computer; 

a computer readable medium containing computer readable 
instructions, wherein the computer executes the computer readable 
instructions to retrieve a remote computer system identifier; 
determine whether a local-remote pair corresponding to the identifier 
is found, wherein the local-remote pair is used in selecting a 
security policy, and wherein an error is reported indicating that a 
user needs to configure a tunnel with the remote computer system if 
the local-remote pair is not found_^ [[and]] automatically configure an 
IP security tunnel between the data processing system and the remote 
computer system utilizing a_security policy specification format, 
wherein said security policy specification format is established as a 
document type definition (DTD) file capable of being utilized by a 
plurality of different operating systems and a plurality of different 
machine types ; and include a plurality of different elements in said 
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DTD file^ each of said plurality of different elements being utilized 
to configure an IP security tunnel . 

28. (Previously presented) The system according to claim 27, wherein 
said DTD file defines a collection of elements, and further 
comprising : 

generating an XML file utilizing the collection plurality of 
different elements defined in said DTD file, wherein said XML file 
defines a configuration of a particular IP security tunnel, and 
•wherein said XML file is processed to automatically configure said IP 
security tunnel defined by the XML file. 

29. (Canceled) 

30. (Currently amended) The system according to claim 27_ [[29]], 
further comprising: 

an XML file being generated utilizing a plurality of said 
plurality of different elements included within said DTD file; and 

said system for processing said XML file to automatically 
configure an IP security tunnel. 

31. (Original) The system according to claim 27, further comprising 
a root element being included in said security policy specification 
format. 

32. (Original) The system according to claim 27, further comprising 
a protection element being included in said security policy 
specification format, said protection element including a listing of 
IKE transforms. 

33. (Original) The system according to claim 27, further comprising 
a transform element being included in said security policy 
specification format . 
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34. (Previously presented) The system according to claim 27, further 
comprising a group element being included in said security policy 
specification format, wherein said group element contains multiple 
identification elements , 

35. (Original) The system according to claim 27, further comprising 
an identification element being included in said security policy 
specification format . 

36. (Original) The system according to claim 27, further comprising 
a tunnel element being included in said security policy specification 
format . 

37. (Original) The system according to claim 27, further comprising 
a root element, a protection element, a transform element, a group 
element, an identification element, a tunnel element, a local/remote 
identify element, an ID type element, an ID definition element, a pre- 
shared key element, an IPsec proposal element, an IPsec ESP protocol 
element, an IPsec authentication header element, and an IPsec 
protection element being included in said security policy 
specification format. 

38. (Original) The system according to claim 27, further comprising 
said system for automatically configuring an IP security tunnel 
utilizing said security policy specification format. 

39. (Original) The system according to claim 27, further comprising 
said system for comparing a first IP security tunnel to a second IP 
security tunnel utilizing a first security policy specification format 
that is associated with said first IP security tunnel and a second 
security policy specification format that is associated with a second 
IP security tunnel. 
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Allowable Subject Matter 

4. The following is an examiner's statement of reasons for 
allowance: The above amendments incorporate the subject matter 
of claim 3 which was previously objected to as being allawable 
if placed in independent form. Furthermore, the addition of 
"recordable'' to the computer readable medium of claim 14 makes 
this medium tangible because the specification defines 
recordable type media as, "a floppy disk, a hard drive, a RAM, 
CD-ROMs, DVD-ROMs" distinguishing this media from transmission 
media which relates to non-tangible and therefore non-statutory 
subject matter therefore making all claims statutory with regard 
to 35 use 101. 

Any comments considered necessary by applicant must be 
submitted no later than the payment of the issue fee and, to 
avoid processing delays, should preferably accompany the issue 
fee. Such submissions should be clearly labeled "Comments on 
Statement of Reasons for Allowance." 

Conclusion 

Any inquiry concerning this communication or earlier 
communications from the examiner should be directed to Michael 
Pyzocha whose telephone number is (571) 272-3875. The examiner 
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can normally be reached on 7:00am - 4:30pm first Fridays of the 
bi-week off. 

If attempts to reach the examiner by telephone are 
unsuccessful, the examiner^ s supervisor, Emmanuel Moise can be 
reached on (571) 272-3865. The fax phone number for the 
organization where this application or proceeding is assigned is 
571-273-8300. 

Information regarding the status of an application may be 
obtained from the Patent Application Information Retrieval 
(PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, 
see http://pair-direct.uspto.gov. Should you have questions on 
access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free) . If you would 
like ■ assistance from a USPTO Customer Service Representative or 
access to the automated information system, call 800-786-9199 
(IN USA OR CANADA) or 571-272-1000. 



MJP 



EMMANUEL L MOISE 
SUPERVISORY PATEffT EXAMINER 




